212.164.39.105

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: OJSC Sibirtelecom

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt from IP address 212.164.39.105 on Port 445(SMB)	2019-12-06 01:37:17

Comments on same subnet:

IP	Type	Details	Datetime
212.164.39.76	attackbotsspam	Unauthorized connection attempt detected from IP address 212.164.39.76 to port 445 [T]	2020-06-04 07:21:09

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 212.164.39.105
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54425
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;212.164.39.105.			IN	A

;; AUTHORITY SECTION:
.			581	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120501 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 06 01:37:12 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 105.39.164.212.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

** server can't find 105.39.164.212.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
24.146.62.34	attack	Draytek Vigor Remote Command Execution Vulnerability	2020-04-06 21:37:42
93.99.104.117	attackbots	20 attempts against mh-misbehave-ban on cell	2020-04-06 21:42:44
134.209.147.198	attack	Apr 6 15:44:34 eventyay sshd[16424]: Failed password for root from 134.209.147.198 port 40898 ssh2 Apr 6 15:49:21 eventyay sshd[16604]: Failed password for root from 134.209.147.198 port 57956 ssh2 ...	2020-04-06 21:57:05
50.127.71.5	attackspambots	Apr 6 19:57:35 webhost01 sshd[27080]: Failed password for root from 50.127.71.5 port 43834 ssh2 ...	2020-04-06 21:18:17
116.68.172.242	attackspam	Unauthorized connection attempt from IP address 116.68.172.242 on Port 445(SMB)	2020-04-06 21:59:38
149.255.118.187	attackspambots	Unauthorized connection attempt from IP address 149.255.118.187 on Port 445(SMB)	2020-04-06 21:58:00
42.113.144.82	attackbots	Unauthorized connection attempt from IP address 42.113.144.82 on Port 445(SMB)	2020-04-06 21:40:14
36.66.86.154	attackspambots	Unauthorized connection attempt from IP address 36.66.86.154 on Port 445(SMB)	2020-04-06 21:17:01
103.218.242.10	attackbots	Apr 6 14:57:21 vps647732 sshd[28347]: Failed password for root from 103.218.242.10 port 46328 ssh2 ...	2020-04-06 21:25:23
152.136.207.121	attackbots	(sshd) Failed SSH login from 152.136.207.121 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 6 14:40:54 amsweb01 sshd[30135]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.207.121 user=root Apr 6 14:40:56 amsweb01 sshd[30135]: Failed password for root from 152.136.207.121 port 60344 ssh2 Apr 6 14:43:31 amsweb01 sshd[30436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.207.121 user=root Apr 6 14:43:33 amsweb01 sshd[30436]: Failed password for root from 152.136.207.121 port 57398 ssh2 Apr 6 14:45:41 amsweb01 sshd[30698]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.207.121 user=root	2020-04-06 21:16:23
51.68.44.13	attackspam	Apr 6 09:40:49 ws12vmsma01 sshd[35843]: Failed password for root from 51.68.44.13 port 47018 ssh2 Apr 6 09:44:49 ws12vmsma01 sshd[36462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.ip-51-68-44.eu user=root Apr 6 09:44:51 ws12vmsma01 sshd[36462]: Failed password for root from 51.68.44.13 port 58040 ssh2 ...	2020-04-06 21:33:06
182.61.184.155	attackspam	Apr 6 02:58:39 php1 sshd\[20863\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.184.155 user=root Apr 6 02:58:41 php1 sshd\[20863\]: Failed password for root from 182.61.184.155 port 42128 ssh2 Apr 6 03:03:07 php1 sshd\[21293\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.184.155 user=root Apr 6 03:03:09 php1 sshd\[21293\]: Failed password for root from 182.61.184.155 port 59552 ssh2 Apr 6 03:07:39 php1 sshd\[21705\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.184.155 user=root	2020-04-06 21:38:43
54.38.90.228	attack	[Mon Apr 06 19:45:27.247587 2020] [:error] [pid 15907:tid 140022793615104] [client 54.38.90.228:43924] [client 54.38.90.228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1224"] [id "920320"] [msg "Missing User Agent Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [tag "paranoia-level/2"] [hostname "staklim-malang.info"] [uri "/images/Klimatologi/Prakiraan/02-Prakiraan-Dasarian/Prakiraan_Probabilistik_Curah_Hujan_Dasarian/Prakiraan_Probabilistik_Curah_Hujan_Dasarian_Provinsi_Jawa_Timur/2019/09/Peta_Prakiraan_Probabilistik_Curah_Hujan_Dasarian_II_SEPTEMBER-2019_Provinsi_Jawa_Timur_Update_10_September_ ...	2020-04-06 21:37:25
154.126.167.202	attackbots	Unauthorized connection attempt from IP address 154.126.167.202 on Port 445(SMB)	2020-04-06 22:03:31
37.99.48.101	attack	Unauthorized connection attempt from IP address 37.99.48.101 on Port 445(SMB)	2020-04-06 21:30:30

Recently Reported IPs

87.98.135.145	86.102.55.50	185.97.114.61	134.73.51.238
123.16.144.69	89.121.180.211	39.79.54.31	200.228.214.66
190.167.66.149	40.83.170.197	201.90.40.1	65.96.144.205
190.75.145.221	45.117.82.93	89.184.9.78	94.158.37.115
180.247.181.222	58.57.104.6	94.29.126.69	36.228.3.124